Tech Companies Act to Prevent U.S. Access to Data Stored Overseas

NEWS ANALYSIS: Microsoft, Facebook and other companies take defensive action to keep the U.S. government from seizing data stored in the European Union.
The Microsoft executive attending the CeBIT Press Preview in Hannover, Germany, let the global press representatives there know that his company was taking action to forestall any additional efforts by the U.S. Department of Justice to access information in European data centers.
The company, he said, was in the process of building a new data center in Germany that would be designed so that it would have no connection to networks in the United States. It would be operated by Microsoft’s German subsidiary.
Facebook, meanwhile made an even wider announcement that it was doing the same thing by building a new data center in Clonee County, Ireland, near its international headquarters. Other companies, including Tableau and Foxconn, are doing the same thing instead of opening new U.S. data centers.
Meanwhile, negotiators from the United States and the European Union are trying to work out a new Trans-Atlantic Data Transfer Agreement to regulate how data access is managed between the two regions. It would reportedly provide mechanisms for EU citizens and companies to sue in U.S. courts for violations of the agreement.

All of this is necessary because the European Court of Justice struck down the existing data transfer agreement because of revelations by former National Security Agency analyst Edward Snowden that U.S. intelligence agencies were routinely gathering information from the EU that was protected by EU law.

In addition, the efforts by the U.S. Justice Department to gain access to emails contained in a Microsoft server located in Ireland and belonging to an EU citizen without using existing Mutual Legal Assistance Treaties (MLAT) have caused deep concern in the EU.
In that case, the Justice Department served Microsoft with a warrant demanding access to the email and Microsoft refused. Microsoft has repeatedly held that the existing treaties are the law of the land and that the DOJ should follow the provisions spelled out in the treaties for requesting access to data stored in servers overseas.
The Justice department has refused claiming that using the MLAT was inconvenient and too slow. As a result, the DOJ has spent more than two years so far in order to save the six months that an MLAT request usually takes.
The problem that the EU has with all of this is it believes that the existing treaties and agreements have been working just fine for 15 years. Then, two years ago, the Justice Department, pursuing a drug investigation, decided it wanted emails from an EU citizen that were stored on servers in Ireland, an EU member nation. Microsoft has refused to comply.
Since then, the DOJ has been pursuing Microsoft, and the company has been appealing. So far, the emails on the Irish server have remained there undisturbed, assuming they still exist, despite the assertion by the Justice Department that all Microsoft needed to do is go to the server and copy them.

CATEGORIES

Cyber Parse was created to provide knowledge to help everyone understand and deal with the ever increasing threats we all face by Cyber Crime (Malware, Social Engineering, Phishing and hacking).
Our purpose is to provide the right information to our readers by breaking down and communicating knowledge relating to Cyber Crime, Cyber Security, Information Security and Computer Security, then using Risk Management practices to help translate the technical aspects of the Risks, Threats, Vulnerabilities and controls to reduce the risk into business language.